The course will cover the fundamentals of IoT risk and regulation, fundamental of IoT solutions through a case study; the components and technologies to provide a baseline understanding of the systems and devices that you need to protect. In addition to IoT threats & attacks, IoT risk management, compliance that need to be followed with the laws and regulations.
What am I going to get from this course?
- Understanding IoT Fundamentals.
- IoT Architecture.
- Understanding IoT Threats.
- Understanding IoT Solution Risk Management.
- Understanding IoT Compliance.
Prerequisites and Target Audience
What will students need to know or do before starting this course?
Basic Computer Knowledge.
Who should take this course? Who should not?
Anyone who is interested in IoT security solution, threats, risks, compliance, and regulations.
Module 1: Introduction
A brief description of IoT technology.
In this lecture, we will cover the importance of IoT in business and personal life and why big business is investing in IoT.
IoT History and how its started,
The different IoT Implementation components and phases
Different IoT layers definitions and functionality.
A high-level explanation about the Hardware used for IoT, especially different types of Microcontroller and the advantage / disadvantage of each one of them.
Different IoT Sofware category and the usage of each one of them.
Module 2: Case Study
Introduction to the case studies that will be covered in this module.
A Case Study of Self- Driving Vehicle as a proof of concept
Major threats actor facing Smar Driving Vehicles (SDV)
Security Credential Management System (SCMS)
The SCMS is a POC message security solution for vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication.
Energy Management for Smart City
Second IoT case study which is Energy Management for Smart City
The definition of IoT Security
Security In Layers
Using different layers in an security implementation is considered a best practice.
A definition of the IoT privacy
IoT Attacks vector and the best sources to identify the latest IoT surface attack and vulnerability
One of OWASP IoT vulnerability is weak and default passwords.
Denial of Service attack
An explanation with a demonstration for Denial of service attack (DOS Attack)
Encryption is considered on of OWASP top IoT Vulnerability
Module 4: Risk Management
Introduction to Risk Management
A brief Introduction to Risk Managment Section
Important Risk Definitions that you need to be aware of before doing a Risk assessment.
Risk Management Strategies
The 4 different strategies that is used to manage different types of Risk.
A Risk Analysis Description
Risk Management Framework - NIST
The Standard that needs to be followed when conducting a Risk assessment from National Institute of standards and technology (NIST) .
NIST SP 800-30
IoT Risk assessment guidelines
Another IoT Risk assessment guidelines
IoT Security and Privacy Risk Consideration -NIST
NIST Approach for IoT Security and Privacy Risk Consideration for any business solution
Module 5: ModuIoT Regulation and Compliance le...
IoT Security Regulation
The Maor IoT Security Regulation in US and Europe
IoT Privacy Regulation
The Major 29- IoT Privacy Regulation (European Union Article 29 Data Protection )
Other Information Security Compliance such as HIPAA, PCI /DSS